[GIT PULL 00/36] KVM: s390: Features and Enhancements for 5.7 part1

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Paolo,

an early pull request containing mostly the protected virtualization guest
support. Some remarks:

1.To avoid conflicts I would rather add this early. We do have in KVM
common code:
- a new capability KVM_CAP_S390_PROTECTED = 180
- a new ioctl  KVM_S390_PV_COMMAND =  _IOWR(KVMIO, 0xc5, struct kvm_pv_cmd)
- data structures for KVM_S390_PV_COMMAND
- new MEMOP ioctl subfunctions
- new files under Documentation
- additions to api.rst 4.125 KVM_S390_PV_COMMAND

2. There is an mm patch in Andrews mm tree which is needed for full
functionality. The patch is not necessary to build KVM or to run non
protected KVM though. So this can go independently.

3. I created a topic branch for the non-kvm s390x parts that I merged
in. Vasily, Heiko or myself will pull that into the s390 tree if there
will be a conflict.


The following changes since commit 11a48a5a18c63fd7621bb050228cebf13566e4d8:

  Linux 5.6-rc2 (2020-02-16 13:16:59 -0800)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/kvms390/linux.git  tags/kvm-s390-next-5.7-1

for you to fetch changes up to cc674ef252f4750bdcea1560ff491081bb960954:

  KVM: s390: introduce module parameter kvm.use_gisa (2020-02-27 19:47:13 +0100)

----------------------------------------------------------------
KVM: s390: Features and Enhancements for 5.7 part1

1. Allow to disable gisa
2. protected virtual machines
  Protected VMs (PVM) are KVM VMs, where KVM can't access the VM's
  state like guest memory and guest registers anymore. Instead the
  PVMs are mostly managed by a new entity called Ultravisor (UV),
  which provides an API, so KVM and the PV can request management
  actions.

  PVMs are encrypted at rest and protected from hypervisor access
  while running.  They switch from a normal operation into protected
  mode, so we can still use the standard boot process to load a
  encrypted blob and then move it into protected mode.

  Rebooting is only possible by passing through the unprotected/normal
  mode and switching to protected again.

  One mm related patch will go via Andrews mm tree ( mm/gup/writeback:
  add callbacks for inaccessible pages)

----------------------------------------------------------------
Christian Borntraeger (5):
      Merge branch 'pvbase' of git://git.kernel.org/.../kvms390/linux into HEAD
      KVM: s390/mm: Make pages accessible before destroying the guest
      KVM: s390: protvirt: Add SCLP interrupt handling
      KVM: s390: protvirt: do not inject interrupts after start
      KVM: s390: protvirt: introduce and enable KVM_CAP_S390_PROTECTED

Claudio Imbrenda (2):
      s390/mm: provide memory management functions for protected KVM guests
      KVM: s390/mm: handle guest unpin events

Janosch Frank (24):
      s390/protvirt: Add sysfs firmware interface for Ultravisor information
      KVM: s390: protvirt: Add UV debug trace
      KVM: s390: add new variants of UV CALL
      KVM: s390: protvirt: Add initial vm and cpu lifecycle handling
      KVM: s390: protvirt: Secure memory is not mergeable
      KVM: s390: protvirt: Handle SE notification interceptions
      KVM: s390: protvirt: Instruction emulation
      KVM: s390: protvirt: Handle spec exception loops
      KVM: s390: protvirt: Add new gprs location handling
      KVM: S390: protvirt: Introduce instruction data area bounce buffer
      KVM: s390: protvirt: handle secure guest prefix pages
      KVM: s390: protvirt: Write sthyi data to instruction data area
      KVM: s390: protvirt: STSI handling
      KVM: s390: protvirt: disallow one_reg
      KVM: s390: protvirt: Do only reset registers that are accessible
      KVM: s390: protvirt: Only sync fmt4 registers
      KVM: s390: protvirt: Add program exception injection
      KVM: s390: protvirt: UV calls in support of diag308 0, 1
      KVM: s390: protvirt: Report CPU state to Ultravisor
      KVM: s390: protvirt: Support cmd 5 operation state
      KVM: s390: protvirt: Mask PSW interrupt bits for interception 104 and 112
      KVM: s390: protvirt: Add UV cpu reset calls
      DOCUMENTATION: Protected virtual machine introduction and IPL
      KVM: s390: protvirt: Add KVM api documentation

Michael Mueller (2):
      KVM: s390: protvirt: Implement interrupt injection
      KVM: s390: introduce module parameter kvm.use_gisa

Ulrich Weigand (1):
      KVM: s390/interrupt: do not pin adapter interrupt pages

Vasily Gorbik (3):
      s390/protvirt: introduce host side setup
      s390/protvirt: add ultravisor initialization
      s390/mm: add (non)secure page access exceptions handlers

 Documentation/admin-guide/kernel-parameters.txt |   5 +
 Documentation/virt/kvm/api.rst                  |  65 ++-
 Documentation/virt/kvm/devices/s390_flic.rst    |  11 +-
 Documentation/virt/kvm/index.rst                |   2 +
 Documentation/virt/kvm/s390-pv-boot.rst         |  84 ++++
 Documentation/virt/kvm/s390-pv.rst              | 116 +++++
 MAINTAINERS                                     |   1 +
 arch/s390/boot/Makefile                         |   2 +-
 arch/s390/boot/uv.c                             |  20 +
 arch/s390/include/asm/gmap.h                    |   6 +
 arch/s390/include/asm/kvm_host.h                | 113 ++++-
 arch/s390/include/asm/mmu.h                     |   2 +
 arch/s390/include/asm/mmu_context.h             |   1 +
 arch/s390/include/asm/page.h                    |   5 +
 arch/s390/include/asm/pgtable.h                 |  35 +-
 arch/s390/include/asm/uv.h                      | 251 ++++++++++-
 arch/s390/kernel/Makefile                       |   1 +
 arch/s390/kernel/entry.h                        |   2 +
 arch/s390/kernel/pgm_check.S                    |   4 +-
 arch/s390/kernel/setup.c                        |   9 +-
 arch/s390/kernel/uv.c                           | 414 +++++++++++++++++
 arch/s390/kvm/Makefile                          |   2 +-
 arch/s390/kvm/diag.c                            |   6 +-
 arch/s390/kvm/intercept.c                       | 122 ++++-
 arch/s390/kvm/interrupt.c                       | 399 ++++++++++-------
 arch/s390/kvm/kvm-s390.c                        | 567 +++++++++++++++++++++---
 arch/s390/kvm/kvm-s390.h                        |  51 ++-
 arch/s390/kvm/priv.c                            |  13 +-
 arch/s390/kvm/pv.c                              | 303 +++++++++++++
 arch/s390/mm/fault.c                            |  78 ++++
 arch/s390/mm/gmap.c                             |  65 ++-
 include/uapi/linux/kvm.h                        |  43 +-
 32 files changed, 2488 insertions(+), 310 deletions(-)
 create mode 100644 Documentation/virt/kvm/s390-pv-boot.rst
 create mode 100644 Documentation/virt/kvm/s390-pv.rst
 create mode 100644 arch/s390/kernel/uv.c
 create mode 100644 arch/s390/kvm/pv.c




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Kernel Development]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite Info]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Linux Media]     [Device Mapper]

  Powered by Linux